(ISC)2

CSSLP · Question #169

CSSLP Question #169: Real Exam Question with Answer & Explanation

The correct answer is C: Planning, contracting, monitoring and acceptance, follow-on. According to the DoD and DHS, the Software Assurance Acquisition process comprises four distinct phases: Planning, Contracting, Monitoring and Acceptance, and Follow-on.

Secure Software Supply Chain

Question

What are the various phases of the Software Assurance Acquisition process according to the U.S. Department of Defense (DoD) and Department of Homeland Security (DHS) Acquisition and Outsourcing Working Group?

Options

  • A. Implementing, contracting, auditing, monitoring
  • B. Requirements, planning, monitoring, auditing
  • C. Planning, contracting, monitoring and acceptance, follow-on
  • D. Designing, implementing, contracting, monitoring

Explanation

According to the DoD and DHS, the Software Assurance Acquisition process comprises four distinct phases: Planning, Contracting, Monitoring and Acceptance, and Follow-on.

Common mistakes.

  • A. While implementing and monitoring are parts of the broader software lifecycle, 'auditing' is an activity that occurs across phases, and this choice does not align with the specific four-phase model.
  • B. 'Requirements' is typically part of the planning phase, and 'auditing' is an activity, not a standalone phase in this specific model.
  • D. 'Designing' and 'implementing' are development lifecycle phases, not the specific acquisition process phases defined by the DoD/DHS working group for software assurance.

Concept tested. Software Assurance Acquisition Process (DoD/DHS)

Reference. https://www.dhs.gov/sites/default/files/publications/Software_Assurance_Pocket_Guide-508.pdf

Topics

#Software Assurance #Acquisition Process #DoD/DHS #Supply Chain Security
